ipfw2 shaper bottleneck
frums at hush.com
frums at hush.com
Wed Sep 10 16:14:00 PDT 2003
Im wondering if anybody has had any experience with traffic shaping
a gigabit link. Im currently having lots of diffrent problems with the
shaping, Im tryin to shape about 500 hosts via mac address to various
speeds 5,10,15Mb/s etc and having varying results. I see a large
diffrence in system performance after about 100/100 pipes/rules. The
system will shape part of the network fine for many hours, then it
stops passing traffic properly, all traffic becomes very slow or
completely stops. Is there a limit on the amount of pipes ipfw can
handle? Or do I have some sort of other bottleneck? I did have a problem
with one of the nics constantly resetting, the only solution I found
that worked was to change:
if_bgereg.h:#define ETHER_ALIGN 2 to 0. This stopped the card from
resetting constantly every few seconds.
The system is currently running fbsd 4.9-pre cvs from sunday night on
a
dual xeon 2.2ghz, 1gb ram and dual 3com 3c996-SX (broadcom bcm5701tkhb
chipset)
bge0: <Broadcom BCM5701 Gigabit Ethernet, ASIC rev. 0x105> mem 0xfc200000-
0xfc20ffff irq 11 at device 2.0 on pci2
bge0: Ethernet address: 00:0a:5e:01:00:00
bge1: <Broadcom BCM5701 Gigabit Ethernet, ASIC rev. 0x105> mem 0xfc300000-
0xfc30ffff irq 12 at device 1.0 on pci3
bge1: Ethernet address: 00:0a:5e:00:00:00
These are the rules I am currently using.
ipfw pipe 1 config bw 5Mbit/s
ipfw add 1 pipe 1 MAC any 00:11:22:33:44:55:66
The max bandwidth is currenly 500MB/s and both nics are in 64bit PCI-
X slots. And mbuf clusters was raised:
648/14624/262144 mbufs in use (current/peak/max):
642 mbufs allocated to data
6 mbufs allocated to packet headers
640/14270/65536 mbuf clusters in use (current/peak/max)
32196 Kbytes allocated to network (16% of mb_map in use)
0 requests for memory denied
0 requests for memory delayed
0 calls to protocol drain routines
(taken w/o traffic flowing thru it, but has peaks from real traffic)
I am currently only trying to limit in one direction.
Any advice or help would be greatly appreciated
Thanks.
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
More information about the freebsd-ipfw
mailing list